>> Date: Tue, 30 Dec 2014 11:46:38 -0500
>> From: Ted Unangst <[email protected]>
>>
>> RFC 864 specifies the chargen service. The RFC recommends a recognizable
>> pattern, but it was also written at a time when the internet was a
>> kinder, gentler place. A better recommendation for the modern
>> internet would be to produce random data.
>>
>> Diff follows. IMO the code is easier to reason about without the
>> ring arithmetic. Benchmarking reveals the code is slightly slower now
>> (8MB/s vs 10MB/s), but I think that's an acceptable tradeoff.
>
> Jesus Ted, now you're definitely beating dead horses.
>
> inetd is disabled by default, within the default inetd.conf chargen is
> disabled. If people still manage to enable this code, they deserve
> what they get.
>
> Besides I really don't understand what issue this tries to address.
> Are you setting a trap for some poor Linux user who will blindly adopt
> this "OpenBSD made chargen secure" diff on a system with a poor
> arc4random implementation, exposing the internal state of the pseudo
> random generator to the internets?
>
> Oh, and Wikipedia calls the existing pattern a "de facto standard".
I also note the existing pattern has peculiar compressibility, which the random pattern would not. The idea is dead.
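As an added illustration of the compressibility point (this is example code written for this page, not the diff under discussion nor any OpenBSD inetd source), the following Python script builds the RFC 864 rotating pattern with the usual ring arithmetic, uses `os.urandom` as a stand-in for the arc4random-based variant, and compares how each compresses with zlib. The 95-character printable ring, the 72-column line width and the one-position shift per line follow RFC 864; the 200-line sample size is an arbitrary choice for the comparison.

```python
import os
import zlib

# RFC 864 character ring: the 95 printable ASCII characters from space (0x20)
# through tilde (0x7E). Each line holds 72 of them and starts one position
# later in the ring than the line before it.
RING = ''.join(chr(c) for c in range(0x20, 0x7F))
LINE_LEN = 72


def chargen_pattern(nlines):
    """Return nlines of the classic RFC 864 rotating pattern, CRLF-terminated."""
    out = []
    for i in range(nlines):
        start = i % len(RING)
        # Ring arithmetic: indices wrap around the 95-character alphabet.
        line = ''.join(RING[(start + j) % len(RING)] for j in range(LINE_LEN))
        out.append(line + '\r\n')
    return ''.join(out).encode('ascii')


def random_chargen(nbytes):
    """Random-output variant; os.urandom stands in for arc4random here."""
    return os.urandom(nbytes)


def compression_ratio(data):
    """compressed/original size; far below 1.0 means highly compressible."""
    return len(zlib.compress(data, 9)) / len(data)


def compare(nlines=200):
    """Compress equal-sized samples of both outputs and return the two ratios."""
    pattern = chargen_pattern(nlines)
    rnd = random_chargen(len(pattern))
    return compression_ratio(pattern), compression_ratio(rnd)


if __name__ == '__main__':
    pat_ratio, rnd_ratio = compare()
    print(f'RFC 864 pattern: {pat_ratio:.3f}  random output: {rnd_ratio:.3f}')
```

Because every line is the previous line shifted by one character, deflate matches almost all of each line against the one before it and the pattern shrinks to a small fraction of its size, while the random output does not compress at all; that is the "peculiar compressibility" the rotating pattern has and a random stream lacks.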
